#room-bugs

Same thing happened when studying XSS practical example (blind xss) task 8

I set up 2 tickets, one for the nc and one for the server in different ports

You can see the payload at the bottom just in case i am making any mistakes but i believe is ok.

Then the system should get me the cookie back but it doesn’t arrives

I have try with and WITHOUT my VPN and it doesn’t work

I do have a cookie for the ticket

No no i dont recieve anything on the listeners

What do you mean by my own cookie?

No that doesn’t happen

Done

But still getting nothing

@vital vine

on it, let me see

that actually did solve the problem

still wondering if i did something similar with the DogCat room

yes SADLY I did get my own cookie

Anyway Lassi thanks for your help and your patience, you are always available and always willing to help.... it is much appreciated by the community

@vital vine

New cookie not coming through so i will restart the machine and try again

I've got this sorted 🙂
Should now deploy with internet access

great @obsidian kiln

Unfortunately restarting the machine doesn't do anything, still not getting the cookie (restarted it twice)

will do

woo! Ill give it a go. been burning a hole in my 'my rooms' dashboard

yuuusss - thanks @obsidian kiln

Hello all
I have a problem in the room https://tryhackme.com/room/kenobi I'm at the end of logging into ssh, when I want to log in using the gained file id_rsa from target ,
I keep getting a message " sign_and_send_pubkey: no mutual signature supported"

used command: " ssh -i id_rsa kenobi@ip

What could be wrong? Thanks !

I checked the answer pages, I did everything correctly, like everyone else.

@lost robin i just checked this and it works fine. want to debug via dm?

Thank you but some user on channel Complete beginner helped me. #878393611929129000 message

" lassi
RSA keys have been deprecated on newer SSH clients, add this to your command: -oPubkeyAcceptedKeyTypes=+ssh-rsa "

I can't access the machine using mentioned credentials ?
https://tryhackme.com/room/intromalwareanalysis

I don't know whether it's only in this room, but https://tryhackme.com/room/introtolan , at the ARP topic, it is accepting typos like mac adress (which is obviously a typo)

But hey, correct me if I'm wrong!

This is something called answer tolerance. There's a small amount of allowed incorrect/missing characters on answers so that minor typos don't ruin you typing out a 32character flag.

If you refresh the page, it'll replace it with the correct answer

Oh okay I didn't know that, thanks!

I finished the burp room a couple of days ago I even got an email confirmation that I got a badge as a reward for the finished room. And now all of a sudden that room is completely erased for me (as if I never did it).

Yeah, that's a different room.

oh okay thanks

Gave +1 Rep to @eternal summit

I can't access this room :
https://tryhackme.com/room/ccpentesting
(Owner has made this room private.) ?

that means you should not be able to access the room unless you were already in it

also means that it is probably outdated and might be getting updated or the owner don't want you to access it anymore for multiple different reasons

thanks for your feedback.

Did you find a link to it or is it in a path?

also .. am not able to follow this room :
https://tryhackme.com/room/uploadvulns
because someone hacked the sites and am being redirected to Rick Astley's video

it is mentioned in task 2
https://tryhackme.com/room/uploadvulns

@obsidian kiln

No, they didn't.
You didn't read the instructions and you're going to demo.uploadvulns.thm.

oh , am so stupid

thanks for clarifying things

🤣 got another one 😁

thanks @eternal summit

Gave +1 Rep to @eternal summit

thanks @obsidian kiln for the great content you're making for beginners like me

Pleasure :)
Glad you're enjoying it!

I wish you you had a counter for that thing.

@icy elbow

@queen sphinx

@icy elbow ⬆️ hope you still around to do cleanup

damn jabba was quicker on the trigger

Ban <User:Mention/ID> [Reason:Text]

[-d d:Duration - Duration]
[-ddays ddays:Whole number - Delete Days]

Invalid arguments provided: "nitro" is not a whole number

-ban 781813619440615466 -ddays 1 nitro scam.

🔨 Banned prolomic#6047 indefinitely

baai

In the Jr Pentester path and module BurpSuite The Basics, the Bastion website is broken. If it loads it will crash when navigating through the homepage.

Working fine for me?

I notice something still not fix until this day. When I put an answer with faster typing and enter. The answer miss last letter like this

That is simply answer tolerance.

https://tryhackme.com/room/extendingyournetwork

Task 6, Question 1

Answer doesn't seem to be working, ||THM{YOU'VE_GOT_DATA||

The answer for the room is THM{YOU'VE_GOT_DATA} (:

Whoops, I missed the close brace

Unless I'm crazy?

damn what

Unless there's whitespace in the answer that you're providing?

No, even the user I'm communicating w/ has tried it

No go

Honestly can't figure out what's wrong

your ‘ looks weird

I've literally just answreed it

That's what I thought

Would answer tolerance only kick in for alphanumerical characters?

God knows

Yeah the ' looks curly so idk how that works

or a comma , but upper instead

is that what the static site gives as the flag?

According to them, yes

And the writeup I read, also yes

But nobody else has had this problem so idk

If I can find the source code for the static site I'll take a look and make an edit

I can see the site but the title does not match to a source code directory

I'll take a look later I need to go do stuff

like laundry

how exciting

No rush :)

Writeups often have special chara replaced with the pretty print version if this is a support related thing

Hello boys, I got a 502 code on the junior pentester path burp suite : repeater. I reboot 2 times the VM but I got always 502 code

Did I do something wrong ?

https://tryhackme.com/room/burpsuiterepeater

It's OK ! It's time to load (around 3/4 minutes 😉 )

That is concerningly slow
Shouldn't be taking anything like that long. But yes, it takes a few minutes to boot up

One sec, I'll have a play with the specs and see if I can speed it up a bit

Okok, when I see the IP, I waited 2/3 minutes to go on website, (I go to the toilet x) )

Uhhh, thanks

There we go. Just convinced it to boot in a minute @gilded sentinel 🙂

thanks 🙂

Gave +1 Rep to @obsidian kiln

hi guys, im doing the room ice and i got a problem when i try to execute the exploit in msfconsole.
when im running the exploit instead of giving me a meterpreter, im getting this error: Exploit completed, but no session was created.

can someone help me with that?

#room-hints please

Hello , i've finished the Burp suite module but am still getting notification on the right hand side (Next Achievement (2/4) Burp'ed) as you can see in the picture :
https://imgur.com/po0u8IE.png

Hey!

the room https://tryhackme.com/room/learnssti

Task 2 question 1 straight up gives you the answer within the answer box. Not sure if intentional. I know it's a learning box.

I think that's intentional cuz it's a learning room rather than a challenge one :)

There are a few missing images in task 5, 6 and 8 in https://tryhackme.com/room/rppsempire

it's not really intentional, but for some reason thm only masks alphanumeric characters - but as was mentioned, it's for learning so it's not a huge deal

-ban 696286897164517396 -ddays 1 scam/phishing link. Please secure your account and appeal the ban at bans@tryhackme.com

🔨 Banned Mon#4335 indefinitely

-ban 861161218962489354 -ddays 1 nitro spam

🔨 Banned KDReddy#4860 indefinitely

@white osprey hehe thats is cause the The hints show up which brackets u have to use... it is intentional its like flag Hints with the {********}

will someone make this room public again

i cant move on without completeing Cc:Pentesting and the owner made it private

replace /home/ with /jr/

or is it room....

Possibly could be could room

Telling people to join private rooms smh

Good job you're not a mod then, eh?

I do it all the time

Yes but note that we don't support nor provide help with private rooms

especially with ones that have gone from public -> private. They're now private for very good reasons

old, outdated content, content not working, etc.

Yeah, but someone was asking for that room yesterday as they needed to do it for school, I think, and James told them to use that trick, I just assumed it was okay.

My mistake if it isn't.

Honestly this might indicate a chat needed with the education customers

education customers are different

they have the ability to clone rooms and have dedicated support

The students are ending up in the discord either way

So, going forward from me, would you like me to stop telling people to replace /room/ ?

it isn't advisable as a learning experience is all I'm saying. But it depends on the context/question. Like if they're trying to figure out how to join their friends room, etc (:

Ok, I'll stop giving out that sort of advice and leave it the mods/cm's. I didn't realise help wasn't given out for private rooms etc, sorry.

It's okay Scrubz (: thanks for your efforts

If it's a room you've done before, no reason why you can't help out if you want to. Just saying that thm don't provide help, unless it's business/education and they have their own channels/means to get that help 👍

@dusky junco Maybe even to change the whole question to something that doesn't have to get updated periodically, since as far as I remember that question had to get updated previously already, just as a suggestion 🙂

Room: https://tryhackme.com/room/printnightmarehpzqlp8
T8 Last Question asks Provide two ways to manually disable the Print Spooler Service. while the answer is more fitting to Provide two ways to mitigate the attack.

Hello, Mitre room is really outdated and you can no longer answer questions with information on Mitre ATT&CK webside (wich is required)

Good example is task 3

Question 5 and 6

now, if you cheat like I do and get answer for question 5, next question is : Based on the information for this group, what are their associated groups?

That information have long since been updated and can no longer give you "Correct" answer

Heh i'm exactly at that task 😄 i guess there are some old writeups for it where can i get the answers?

https://www.thedutchhacker.com/mitre-on-tryhackme/

The answers, but my whole class got this room as homework and its a bit sad that we have to resort to cheating

Thanks and yeah i understand maybe they will update it based on your feedback

Gave +1 Rep to @fading drum

please, THM staff, fix the room when you have time

@lucid oasis

That'd really be a thing for @glad badger

https://tryhackme.com/room/owaspjuiceshop Task 3 Q1 doesn't show the flag when you login as admin, works fine for Q2.

https://tryhackme.com/room/owaspjuiceshop Task4 Q1 - best1050.txt from Seclists is not available either via 'apt-get install seclists' or supposed location of /usr/share/seclists/... it's actually located in /usr/share/wordlists/dirb/others/best1050.txt

Older versions of MITRE are available on the site. I'll request the task to be updated to point to the v8 version. Please let me know if this works: https://attack.mitre.org/versions/v8/

Task4 Q1 might as well be removed since the brute force with burp community seems like it will take hours, not really a foundation task.

another broken flag for juiceshop...skipping entire room

yeah that room is finicky

and might need an update of the juice shop instance it is running for better results

you can brute force it using hydra instead which should speed it up significantly

the 'complete beginner' path seems jumbled up entirely, fundamental rooms requiring that you do separate rooms for gobuster (not in beginners path) and what the shell before starting it, network exploitation basics requiring rooms further down the list to be done first.

Complete beginner is deprecated and was meant to be removed months ago

I don't know about the rest of the tasks since I gave up at task 3 🙂 But I bet you guys check that out

well it's the suggested learning map, you can't say it's deprecated and still have it basically on your front page

It's not my front page, I'm not THM.

obviously i'm not saying it's you

I don't work for THM either, I'm just relaying information that went out by email likely before you joined.

and i'm just a paying customer relaying my views

Stick them into the form in #feedback-and-ideas -- they are much more likely to be seen there :)

noted, strayed off a bit from original issues

@eternal summit

what kind of virus is this?

Dont click it.

-ban @hearty onyx -ddays 1 Nitro phishing. Please secure your account and then appeal this ban by emailing bans@tryhackme.com

🔨 Banned KOBE#4475 indefinitely

Not a virus, just phishing

trying to steal steam account 😄

Discord account usually

Tbf, they usually go for steam as well, and steam phishes are still really common.
Might as well grab both tokens at once if you're gonna infect them with a token stealer, I guess?

Depends whether it's actually distributing malware or just phishing

True

-ban 434572036807983107 -ddays 1 nitro scam

🔨 Banned codecesar#0033 indefinitely

@obsidian kiln can you ban that URL entirely plz?

I can indeed

-ban @kind tartan -ddays 1 Nitro phishing. Please secure your account and then appeal this ban by emailing bans@tryhackme.com

🔨 Banned Preston#4761 indefinitely

Hey, the deployed machine in Phishing room isnt working.

cyborg machine have a bug ?

Web Fundamentals path. I have completed "how websides work" room but it appears to be not completed

• as I click it, it says 100% and all the tasks are x8

Anyone tried to complete : Kubernetes for Everyone Room ?

Cause there is a problem with the server

I get : Error from server: error dialing backend: dial tcp 10.0.2.15:10250: i/o timeout
After running this : k0s kubectl exec -it kube-api -n kube-system -- /bin/bash

That IP looks very very very wrong, that looks like a virtualbox NAT IP. Are you using virtualbox?

yes

This looks like user error rather than a bug with the machine, please ask for help in #972196220485373982

It's a room bug, the problem happens on the machine, afaik the only way to solve T3 is to download the docker image used in the machine.

tried also with the ubuntu machine of tryhackme, and kali linux of tryhackme and got the exact same problem

after rooting it with pwnkit ?👀

Nope, you login as a user with full root privs

that was very easy

but my problem is how can i fix the bug i'm getting

It's kubernetes not docker

You can find the container info and download it using docker.

i'll install docker on the machine then

and give it a try

thanks

Try finding how you can recreate the kube-api on your system

Ok

thanks for the help

Gave +1 Rep to @dense garnet

Room howwebsiteswork contains a bug -> duplicated tasks 8x

Hi don't the qusrions in room howwesiteworks

Only the first

all the tasks are completed but the room does not appeared completed !

in my path

complete beginner

hi , howwebsiteswork room has an issue

each task appears 5 times so, i cannot finish the room

hi, this has already been reported and it's being looked into. Ta (: @floral gorge @fervent marsh

cc @wheat fractal

okay, thanks

I am having the same problem too...
It is not however letting me clear out the duplicates... 😦

https://tryhackme.com/jr/sqlibasics

can someone fix the image pls

Fixed. Thank you for reporting. 🙂

Gave +1 Rep to @royal grail

Task 6 in metasploit exploitation (https://tryhackme.com/room/metasploitexploitation#) :

"Transfer it to the target machine (you can start a Python web server on your attacking machine with the python3 -m http.server 9000 command and use wget [REDACTED] to download it to the target machine)."

the wget command should probably be modified to make it more clear what we're doing even if it should be fairly obvious to someone that gets this far into the learning path. I assume it's just a simple variable goof up but when you launch the VM it changes to "http://ATTACKING_10.10.X.X:9000/PAYLOADGOESHERE.ELF"

I think https://tryhackme.com/room/owaspjuiceshop the server have some issues, I was doing the Task 4: Brute force, Instead of getting 401, I am getting 500 (Internal server error), and I heard it does not take too long to run the 1050 passwords, it took 1.5 hour for me to get to 430 / 1050 passes

@glad badger This is a super quick fix as it's just the wrong placeholder variable

I assume you meant @quaint bone but, I agree. 🙂

Nope, I pinged the QA guy who's able to fix it

oh my bad.

okay thank you for fixing it

Gave +1 Rep to @glad badger

there is another version number in one of the other results that is the correct answer

if you have not noticed already

yeah sorry i just noticed

well no problem then

Hello, at Upload Vulnerabilities Task 7 i cant reach demo.uploadvulns.thm it leads me to this https://www.youtube.com/watch?v=dQw4w9WgXcQ lol. I have done the instructions to change the hosts. . The other sites as overwrite.uploadvulns.thm it works perfect. Someone "hacked" the site :P?

This is due to not reading the instructions in the room

You are explicitly told that demo is just for demonstration in the room and you are not told to navigate to it

In the real world, attacking a target that is out of scope can get you in a LOT of trouble in a penetration test.

ty !! you're right.

Gave +1 Rep to @eternal summit

Minor bug accidentally found in nmap -> task 3 nmap switches -> Question: How would you tell nmap to scan ports 1000-1500? Typed accidentally -p 100-1500 and it gave me correct answer.

Answer tolerance, it accepts the answers if there's only a slight mistake :)

oh okay, thx!

-ban @warped kestrel -ddays 1 Nitro phishing. Please secure your account and then appeal this ban by emailing bans@tryhackme.com

🔨 Banned SJoker#7239 indefinitely

hiyo, i just completed https://tryhackme.com/room/picklerick and just wanted to report that the php hosted on that site died constantly

had to restart the vm every 5min almost

also seems to happen on https://tryhackme.com/room/rrootme

yep, confirmed that i still have inet, and in the rick room the static pages still work, only the php stuff dies

Typo

Decent chance you have multiple VPN tunnels open

Chances of it being the room are incredibly slim -- it's worked absolutely fine for literally about 3 years, and hasn't been updated

@twin tapir fix your room

we were two people with the same problems (not on the same network), but will keep it in mind for next go around

redid it now, prolly not the php as you said, i can see some "write UDP: Network is unreachable (code=101)" in the openvpn connection
confirmed no other tunnels open tho, i got eth0, lo & tun1 interfaces active atm

Not a typo. Just get better. You haven’t heard of the infamous tool Metaploit

https://tryhackme.com/room/mitre - Task 7 - Q: What tool is associated with this technique? Answer (Ruler) isn't available clearly in the newest version.

Basic Info
Browsers: Vmware Kali (Firefox) vs Host MacOS (Brave)
RoomId: Skynet

Maybe this causes by inappropriate fonts in browser.

Hi, in the room Post-Exploitation Basics, task 2, Enumeration with Powerview content should be changed, Powerview is deprecated (maybe update it to something like winPEAS?)

is this a joke? 😫

No.

It wasn't.

It's no longer valid however.

Then maybe it should be more clearly advertise... it is extremely misleading

why keep it here?

so easy to fix

That, is an extremely good question. It's been raised with the site staff, which is all we (as the community) can do unfortunately

i see

I've forwarded this again. Thank you for the reminder. 🙂

Gave +1 Rep to @glossy crane

Thanks Tim :)

no worries

The voucher code has been extended for 2022. 👍

with the same code?

those are really good news

thanks @glad badger

Gave +1 Rep to @glad badger

I'm on https://tryhackme.com/room/linprivesc Task 9 and I can't get a a reverse shell. I've done everything as correct as I can and I've referred to several writeups and I just can't seem to get it to connect to my listener. I assume the cronjobs are just not running perhaps? I did manage to answer the questions as I was able to escalate privileges with the dash binary that has a SUID bit set. I assume that's not intentional?

no... I assumed it wouldn't give me root if I ran it as karen.

I already terminated the session, but I'll give it a try again later and get back to ya

@dusky junco

tryhackme.com/room/somesint aka KaffeeSec
Not exactly a bug, but idk if it should go anywhere else. At Task 4/Last question Check the shadowban api ..., that site went down about 5 months ago.
Searched and found that people did mention it, after approx. 10m they found the answer (write-ups!, most probably) and none continued with the bug/problem. Although it's easy to solve it, shouldn't that question be removed or replaced?
Cc @burnt palm (guessing you're the creator/ of the room)

hello i think i found a bug ?

https://tryhackme.com/room/httpindetail

i already solved all the questions correctly and passed the test 100%, but I did not get a badge and the room was not counted as passed, although when I entered the room, I found that all the questions were passed correctly

so what can i do ?

IIRC that room doesn't give you a badge.

then i say the room was not counted as passed

although when I entered the room, I found that all the questions were passed correctly

Did you answer every question

Yes sir

You said you passed the test but not answer every question

on each task?

yes

Can you show a screenshot?

All seven missions have a pass mark next to them and I have not been given room

i can't send any file here

Verify

from where ?

!docs verify

Follow that URL.

i did it already

thx

@twin tapir

It says there the room is done.

look ?

That's a different room.

That's the room you just done.

wait

look

@glad badger Can you see how this redirect causes issues?

In your video it's marked as done.

how its even that possible

There's a redirect. It's bad, we keep complaining about it. You can't access the Web Fundamentals room at the moment.

Ah, the redirect is the issue

When you told me it was a different room I got a little confused and I didn't even notice the reorientation until after filming the clip

so how can i acess to web fundamentals room ?

You can't access the Web Fundamentals room at the moment.

well I'm so sorry to bother you .

I've made the Web Fundamentals room private again, so it doesn't show up in search results. 🙂

That feels counter-intuitive when people seem to want to solve the room as happened here

It's one of the rooms that have been retired from the platform. The redirect exists for a few of the retired rooms that were still popular. 🙂

I uh, probably had a typo in my payload. It worked fine when I tried again earlier. Thanks.

Gave +1 Rep to @vital vine

I am curious if the dash binary on that VM is intentional however. I was able to get around my messed up payload by just escalating with that binary as it has the SUID bit set.

fair enough.

thanks again @vital vine

Gave +1 Rep to @vital vine

so how can i access to it

if that even possible i really want to join this room

The redirect is still in place so you can't at the moment

will i guess i have no choice , Thank you

Gave +1 Rep to @eternal summit

Room "Throwback" is a Free room, it's a lab so you have to pay to do this, shouldn't this be moved over to the subscription only section?

It's not included in the subscription.

A free tier user can pay for Throwback and complete it

Moving it to the subscriber section would prevent that.

Ooh ok, my bad, thanks for the info

The room has been retired so it is no longer possible to complete the room. 🙂

well , I wish I had not reported this bug

Because I really wanted the badge

There is no reward for anyone who finds a bug lol

!docs bug-bounty

Which badge are you referring to?

Webbed

Well, I did not even contact them at first, but I contacted the support team here, so how can they even reward me?

Discord don't deal with Site issues.

With the exception of a few,

And do you think the redirect error is even worth the reward? They are trying to get vulnerability not a bug

I don't think it was error, but Tim can tell you far more than I.

I'll double check what the Webbed badge is attached to.

Well now I think I lost my chance to get the bug bounty rewards and I lost my badge too. Right ?

the bug bounty program is for security issues for the platform (:

Tim's raised the issues re. the badge to the right people for it to be looked into. Thanks for reporting

Thank You Anyway

The badge is now attached to the HTTP in detail room 🥳

Thanks a lot

Gave +1 Rep to @glad badger

hey guys. I tried to establish a ssh connection in Linux fundamentals 2 but the password "tryhackme" doesn't work. Some idea?

sry for wasting your time... after trying with AttackBox/Kali, it works openvpn at least...

Enrol? Is British English spelling. 🙂

-ban @cunning cove -ddays 1 Your account has been hacked and used to send phishing scams. Please secure your account and then email bans@tryhackme.com

🔨 Banned namaloom#6887 indefinitely

@hazy hinge room OSQUERY Task 7 number of features added by polylogyx needs to be updated in accordance with the readme posted on github

Hi, I've got problems with the room "Attacking Kerberos". I can't enumerate the box. Here is my output. /etc/hosts is correct. I can ping the maschine.
./kerbrute_linux_amd64 userenum --dc CONTROLLER.local -d CONTROLLER.local User.txt

__             __               __     

/ /_____ / / _______ / /
/ //_/ _ / / __ / / / / / __/ _
/ ,< / __/ / / // / / / // / // __/
//||_// /.// _,/_/___/

Version: v1.0.3 (9dad6e1) - 05/16/22 - Ronnie Flathers @ropnop

2022/05/16 06:51:39 > Using KDC(s):
2022/05/16 06:51:39 > CONTROLLER.local:88

2022/05/16 06:51:39 > Done! Tested 1593 usernames (0 valid) in 0.345 seconds

#room-help please^

Can we report typos as bugs as well?

Yes

I'll look into this. Thanks @scarlet imp

Gave +1 Rep to @scarlet imp

-ban @quasi lantern -ddays 1 Your account has been hacked and used to send phishing scams. Please secure your account and then email bans@tryhackme.com

🔨 Banned scorpion K#4988 indefinitely

This is not a room bug

sorry i thought i am in general room

#site-support would be the best place

Packets and Frames room asks to "terminate a static site lab", when you can't terminate sites in the same way you can terminate boxes

Question, I'll try and keep it spoiler free. I noticed that RA and RA2 are vulnerable to a certain exploit that would allow acquiring the flags in about 15 minutes tops. I presume the point was not to utilize this?

Vulnerability was almost certainly discovered after the rooms were released 🙂

Cool thanks, I'll ignore that then!

PrintNightmare?

you might have an adblock running

I have updated firefox and haven't restrted it

Thank you +++

Gave +1 Rep to @median coral

I'm not sure whether this should go to #room-bugs or #site-bugs, but I decided to post it here.
There seems to be a minor bug with one of the answers.

https://tryhackme.com/room/bufferoverflowprep
Room: "Buffer Overflow Prep"
Task 4 "oscp.exe - OVERFLOW3"

The second answer to "oscp.exe - OVERFLOW3" appears to have a minor bug where one bad char is omitted.
The site expects us to answer with just "\x00\x11\x40\x5f\xb8\xed", while "\xee" is also a bad char.
To make sure it's not a problem on my end or a once off glitch, I tried the most basic troubleshooting like restarting my VPN connection, as well as restarting the entire box. However even after the restart, "\xee" still seems to be a bad char with that particular executable.

Bad characters can affect the one next to them, have you tried with \xed removed?

Of course

This is how the ESP dump looks even with the \xed removed but \xee not

All room related to bloodhound, like Post-Exploitation Basics might need to be review, as seems that the ShapeHound.ps1 and Bloodhound being used is not up-to-date. If someone using their own PC/VM instead of Attackbox, the exported json is just simply unable to be imported, and the run down would be a bit different with the new Sharphound.exe/Azurehound.ps1 to finish the task

@gleaming shadow @minor goblet

Uhmm...

Please secure your account.

That’s new haha

Change password and all the things.

THE VIRUS HAS BECOME SENTIENT!!!

Looks like you have spammed this in a lot of channels. I'mma ban you but once you take control of your account sent mail to bans@tryhackme.com .

-ban 588781239956144192 -ddays 1 Nitro phishing Please secure your account and then appeal this ban by emailling bans@tryhackme.com

🔨 Banned Spazod#0123 indefinitely

@dense garnet thank you for notifying.

Gave +1 Rep to @dense garnet

does anyone have an issue that opens a random VM and not the one for the module?

I'm getting RickRolled in the Upload Vulnerabilities room - not sure why ^^ As described in Task 1 I modified the hosts file, but when I try to access http://demo.uploadvulns.thm/uploads I am redirected to youtube. I have captured the traffic with burp and it looks like the is a redirect on the uploads page. Does anyone else have this issue?

Because you did not read the instructions

It very explicitly says you're not meant to access demo

Going outside of scope on a penetration test means you're breaking the law. It's very important to read.

Ahh, ok thanks - now it works 🙂

If you get stuck in a room, your first resort should be re-reading the content. The second should be #room-hints, then writeups, then #room-help, then once you're sure it's a bug you should post here

It's dangerous to assume it's broken just because it's not doing what you'd expect

👍

Jfyi, I got a 500 when uploading a valid file in client-side bypass in https://tryhackme.com/room/uploadvulns. Re-deploying the room machine helped.

Hello

https://tryhackme.com/room/reverselfiles

The binary of this box was don't executable

Chmod +x filename

I'm trying to create a room, but after uploading the VM image which is based on ubuntu 20.04, its showing "Problem converting VM. Check prerequisites.", but they all seem to be matching

Is it 2004 desktop?

yes, Ubuntu 20.04 (64bit) - Desktop Edition

That won't work

Oh, is there a sample base image that i can use to build upon?

Ubuntu server

thanks, will try porting to this one 🙂

Gave +1 Rep to @eternal summit

You really shouldn't need a gui

I tried with the server edition, this time it gets errored out while trying to convert (19%)

I'm trying to do the Plotted-TMS room but every 3 minutes everything crashed it is impossible to complete an nmap let alone a gobuster/nikto scan, it's been three days since I have noticed these kind of bugs/lags... on many rooms is it normal ?

No, it's not normal. Please head over to #site-support

Hello, I think there is a bug with a room
https://tryhackme.com/room/uploadvulns
demo.uploadvulns.thm: I have added it to my /etc/hosts

I tried --url and also -u

Best Regards

Not a bug, you have not read the content in the room properly

You are explicitly told not to navigate to demo.uploadvulns and you are never told to interact with it

Attacking hosts that are out of scope is illegal, you need to read very carefully because if this was the real world in a penetration test you could be in a lot of trouble

Yes I read that, but when gobuster was run in the screen shot, I though I should too 😦
Thanks

Gave +1 Rep to @eternal summit

Heh, that's a new one.
Reading the instruction that says the site literally doesn't exist, then attacking it anyway

-ban @dusky harness -ddays 1 Nitro phishing, please secure your account and then email bans@tryhackme.com to appeal

🔨 Banned S7ven#2647 indefinitely

Hey'o! ☕
The room "Empire" doesn't load images in task 5, task 6 and task 8. (Only 1 image in task 8). Checked with 2 devices and they are gone on both.
Link to room: https://tryhackme.com/room/rppsempire

Not a bug but the experience with the Windows Server in room introtoshells task 13/15 is very bad with just 1GB of RAM.

Ouch, I'll bet it is.
Just given it more 👍

Hello. Not sure if it's bug but my experience with room Post-Exploitation Basics has been quite awful. Unable to connect to the windows server with rdp and ssh hangs quite often, even after 1 hour. If someone could check it. I would be grateful, thanks. https://tryhackme.com/room/postexploit#

@twin tapir

Thank you!

Gave +1 Rep to @obsidian kiln

-ban @sudden geyser -ddays 1 Your account has been hijacked and used to send phishing scams. Secure your account and then appeal this ban by emailing bans@tryhackme.com

🔨 Banned its_tym#2166 indefinitely

-ban @wheat fractal -ddays 1 Your account has been hijacked and used to send phishing scams. Secure your account and then appeal this ban by emailing bans@tryhackme.com

🔨 Banned RTWarpath#8329 indefinitely

Vulnversity room - I cannot get the webpage to load in attack box, keeps giving me SSL_ERROR_RX_RECORD_TOO_LONG error

Not a bug. Remove https and change it to http

got it thanks

Forget about previous post. The problem was on me. I had a another host connected with openvpn so I had actually 2 hosts with the same IP on the network. This is likely what was causing network instability.

weirdest bug ever reported onTHM?

Hello

If i'm not mistaken on the "Practical Example (BLIND XSS)" of this room : https://tryhackme.com/room/xssgi

it's not specified that you need to put the port of your netcat command

And I think It can be confusing for beginers

Oh well my bad

https://tryhackme.com/room/introtolan
For example, a device with the IP address of 192.168.1.100 will be on the network identified by 192.168.1.0
This is not necessarily true unless you specify you are on a /24 network

This is not necessarily true unless you specify you are on a /24 network By default, those are /24 by RFC1918

I get what you are saying, just think it should be specified for someone that is new to it

Don't know how to contact the room author to suggest an edit but maybe someone from the mod team or staff can address this? So:
https://tryhackme.com/room/johntheripper0
In Task 1, section "What makes Hashes secure?" the author seems to confuse P and NP concepts. Generally they would work the other way around. Also these refer to decision problems and I'm not sure if you can formulate obtaining a preimage of a hash in a way that it falls in that problem category at all. It's cool that it's at least mentioned but maybe just rewrite that section?

Hello, I might have broken something: Upload Vulnerabilities
https://tryhackme.com/room/uploadvulns
I was doing the task 11: challange
things did not work as they were supposed to be, so I restarted the machine
I get the IP address, but it is not loading the web page.

Does it mean I have to re-do everything from scratch?

jewel.uploadvulns.thm does no longer load

Did you put it in your hosts?

You need to fix your hosts file, it still points to the old instance

thank you

I did that

Hello, been a while since I came here. I have encountered a problem in the VM attached to the tasks in DNS Manipulation room https://tryhackme.com/room/dnsmanipulation

In "Data Exfiltration", the python script packetyGrabber.py that re-assembles the file from the .pcap file, decodes, then outputs it doesn't execute correctly. I thought it was my error because in the task, the author does say to ignore the error after executing the script. But I spent all 2 hours of the VM trying to make it work. I tried messing with the code and that didn't get me anywhere.

After those hours, I just scp'd the challenges directory to my machine and ran the script and viola! No error and got the re-assembled file correctly.

If someone can get in touch with the author to make sure, I'd appreciate it.

hi guys i have a problem with the Blaster room

i can't find the history in the explorer browser

they are only today history

no wonder i kept getting error with the last question in Task 3 in the "Windows Fundamentals 1" room, it demanded another answer then what the OS says itself it called, so despite i being correct, the OS used another spelling.

-ban @cerulean kayak -ddays 1 Your account has been hacked and is being used to send phishing scams. Please secure your account and then email bans@tryhackme.com to appeal this ban

🔨 Banned Default#5248 indefinitely

-ban @kindred gazelle -ddays 1 Your account has been hacked and is being used to send phishing scams. Please secure your account and then email bans@tryhackme.com to appeal this ban

🔨 Banned _blankMahir#6812 indefinitely

hi guys idk if there is any staff here, in this i can't connect with ssh: https://tryhackme.com/room/linuxprivesc

#room-help please

ok

Hi, i have a bug in the room "Living Off the Land"

when i try to rdp with xfreerdp

Can you link the room as well?

https://tryhackme.com/room/livingofftheland
thanks for the reply

-ban @rustic crag -ddays 1 Distributing malware

🔨 Banned trevor scotland#5095 indefinitely

Hey, not really the bug, but the room may need a bit of actualization :) In Web Enumeration room, in task 9, subtask 2, system does not take answer from scan result because it was created some time ago when current 'latest version' did not exist yet. https://tryhackme.com/room/webenumerationv2

Also, the room https://tryhackme.com/room/rpwebscanning linked at the end is no longer accessible (owner has made this room private). - it is linked twice.

just to warn you that this box does not work anymore you have to update the version of sharphound
https://tryhackme.com/room/postexploit#

Hey does anyone has a solution to make Splunk work in the Incident handling with Splunk Room???
getting a " This browser is not supported by Splunk.
Please refer to the list of Supported Browsers." message everytime

What browser are you using?

Mozilla but also tried chrome same thing

yeh, that happened to me and you'll have to use the ip directly in the url,so not
https://10-10-10-10.p.thmlab.com but
http://10.10.10.10/

Which browser do u use ?because the site is still not loading 😣

firefox

also, can you share the machine ip if it doesnt work?

Sure

10.10.66.81

Ja also trying with Firefox right now

It works for me

¯_(ツ)_/¯

😑🤔

http://10.10.66.81/ this works

They are connected to the VPN?

I hope?

Could be the reason why they're not being able to connect

ok got it

thank u guys

https://tenor.com/view/the-office-bow-michael-scott-steve-carell-office-gif-12985913

https://tryhackme.com/room/winprivesc in the last part there is a msfvenom command that is missing a space before LHOST

https://tryhackme.com/room/windowsforensics2
I'm having issues with the VM in Windows Forensics 2. I've only been able to successfully spin it up once. Can someone take a look at this?
It crashed after 5 minutes, every attempt to spin it up again has failed.

Try it again now, there were some outage issues

I saw that mentioned in #site-bugs, ill try a bit in a few. Thanks for the response.

-ban @tawny rivet -ddays 1 Posting scams

🔨 Banned Hayyan#9198 indefinitely

Hi.. I saw very minor mistake in the room 'Pentesting Fundamentals' ( https://tryhackme.com/room/pentestingfundamentals ).

In the site embedded within the task 5, there's numbering mistake.
There's no stage 6. Number of stage is directly 7 after stage 5.

Hello. I'm trying to do Upload Vulnerabilities room. I keep getting timed out from all of the diffrent adresses (like jewel.uploadvulns.thm) I have terminated and reloaded the room, several time. Cleared cookies. checked /etc/hosts, firewalls. But the problem persists. I have maybe 2 minuts before the room times out, for 8min. I connect trought openvpn and use my own Kali. Anyone ells having these problems?

Sounds like a VPN issue, please head over to #site-support

ok thanks

for idsevasion room only suricata is detecting scans, even for the example scans that are supposed to be detected by Wazuh. I've tried spinning up the room twice with same results.

@obsidian kiln ⬆️

-ban @wheat fractal -ddays 1 Nitro Scam -- compromised account

🔨 Banned DragonHunter#7999 indefinitely

@gleaming shadow @obsidian kiln

The conclusion of the Network Miner room links to a room called "Brim." That link goes to a page with an error. https://tryhackme.com/room/brim

Owner has made this room private.
If this is an error on our behalf. Please contact us.

It's private because it might not be ready yet for public release.

Is the command injection task 5 for jr pentester supposed to display “web page @ might be down/ may have moved permanently” I’ve been seeing it for a couple hours now.

Hello, I was doing the burpsuite rooms and in one of them ,Burp Suite: Repeater; Task: 8 SQLi with Repeater, (https://tryhackme.com/room/burpsuiterepeater) there is a link to a room for SQLi (https://tryhackme.com/room/sqlibasics) however it leads to a page which says that the room has been made private by the owner.

(not sure if that should be considered room-bug or site-bug, sorry if I've put in the wrong channel)

-ban 245291806244339712 -ddays 1 nitro scam

🔨 Banned gerbsec#1956 indefinitely

In the SQL Injection room I started up the machine but it keeps telling me the vm/machine cannot be reached and may be temporarily down. I refreshed and restarted the page a few times and same issue. Maybe its just a temp issue but wanted to put it out there

Ah gotcha lol

I’ve raised this to the appropriate people (: thanks for the screen grabs

Gave +1 Rep to @vital vine

this is fixed now ty @vital vine cc @hazy saddle

Gave +1 Rep to @vital vine

client-side input filtering suggested to prevent command injection

https://tryhackme.com/room/oscommandinjection

Hey guys, I can't validate the path to files secrets.txt and realsecret.txt in the room meterpreter. The path is correct because I could extract the content of the files. Any idea? => Okay nevermind, the path must not contain the file name to be validated.

Hello, might there be a bug at the task 8 of Cross-Site Scripting room (https://tryhackme.com/room/xssgi)

I got the base64 (c2Vzc2lvbj1mMmFiZThiZGFiZDBkNDY4ZjNiNjJiOTFiMjg1ZTA1OA==)
and decoded it as session=f2abe8bdabd0d468f3b62b91b285e058 with both kali linux and https://www.base64decode.org both of them gave me the same result. However
it does not accept the answer

• cookie=c2Vzc2lvbj1mMmFiZThiZGFiZDBkNDY4ZjNiNjJiOTFiMjg1ZTA1OA==
• c2Vzc2lvbj1mMmFiZThiZGFiZDBkNDY4ZjNiNjJiOTFiMjg1ZTA1OA==
• session=f2abe8bdabd0d468f3b62b91b285e058
• f2abe8bdabd0d468f3b62b91b285e058
  I do not know what to type in here

Best Regards

Are you clicking the ticket before you let it automatically send you the cookie? You may be getting your own cookie if that is the case. I had that issue, if I am understanding your issue correctly.

@finite gyro

I'm in Web Enumeration Room Task 9. I think there is something wrong with the wordpress box as WPScan was unable to detect the main theme. Same results after restarting machine thrice

"The main theme could not be detected"

Hi guys, I have a problem with Burp room. I've done it but it still appearing as available. What can I do?

i think that the room you finished was the deprecated one, it was replaced with this new one that appear is not completed, i think...

Ohh no i think i'm wrong this happened when the room was part of a path but if you have all the tasks inside it completed i think it's something else, saw some other complaining a while ago about this but can't remember what caused it or how to fix it

I see, does it send the cookie in some time delay?

Thanks in advance

Gave +1 Rep to @hazy saddle

Thanks, appreciated

https://tryhackme.com/room/owaspjuiceshop task 7, all three questions are broken. For the first 2, I don't get the flag. For question 3, the exploit doesn't work. I can't even debug the javascript properly on catching the click event. I get stuck in an event handler loop without being able to inspect the JS variables! Is this a browser thing? I noticed that the VM is not identical to the questions, the shipment ID is different.

I tried Chrome and Firefox, my own Kali VM and AttackBox.

Basically, the Angular app won't respond to changes after the # fragment identifier, after the initial page has loaded.

So I load the /#/track-result?id=xxxx-xxxxxx page and it shows, but changing anything after the id= doesn't do anything at all

https://tryhackme.com/room/activedirectorybasics task 8, link provided to powerview on github is for powerview3, deployed Windows machine has installed Powerview2, link or Powerview on virtual machine should be changed in order not to waste other users' time looking for a solution

Is anyone doing Task 13 of the Burp Suite: The Basics

The instruction say Take a look around the site on http://MACHINE_IP/

which I am assuming means to browser to the AttackBox's IP in a browser, but I am just getting error ```Error response

Error code: 405

Message: Method Not Allowed.

Error code explanation: 405 - Specified method is invalid for this resource.```

https://tryhackme.com/room/burpsuitebasics

haha okay

got it thanks. doing it in pieces with large gaps inbetwwen, fotgotten that nugget of info

thank you

@dusky junco (for when you get back into the "office") -- this seems to be very common. Might be worth replacing the default 405 error handler with a more helpful "If you're seeing this then you've connected to the wrong machine, go back to the room and try again" message?

I just reviewed the pages on MITRE that are needed to answer the questions in Task 7. Ruler is still listed. Keep searching.

replying to a month old question 😆 it wasn't there at the time.

the root.txt flag do not seem to be on alfred box anymore

better late than never.

It's there.
The instructions tell you that you need to migrate. That's a critical step, otherwise the box tells you the file doesn't exist.

This should be a lesson about reading the content too.

is this box not working ? https://tryhackme.com/room/jackofalltrades

I just did it again and it was working without any problem.

Hasn't been changed in years, so I very much doubt that the image has upped and broken all by itself 🤷‍♂️

Room https://tryhackme.com/room/encryptioncrypto101 task 1 refers to room https://tryhackme.com/room/ccpentesting which is now marked private.

Not really a bug as you can access private rooms, but IMO the John the Ripper room that would be linked instead is really really not good content

I'm not staff, don't ping me for bugs please.

didn't mean to, sorry!

eternal blue can take a few tries to work but you might have an error in your setup too

I'm a dumbass and an idiot, forgot to check my VPN connection.

Hey I dont know if it is my machines problem (kali linux 2022 latest version) but in the blue room the meterpreter session is really unstable and some times the auxiliary scans i used on the target box said that it is not vulnerable to eternal blue ms17-010

Restarted the vpn and the machine 2 times but the sessions were still unstable

!dark

yeh that blue exploit is unstable and can take a couple of tries to work properly, just re check your setup and try it a couple more times :)

aight np with tht just had to report it

I am having the exact same issue

In room monitoringevasion i in the agent.exe from the source code I don't see a call to the getflag static method. And it seems like agent always returns the same error

Hi. In the Brainstorm room the answer to number of open ports is 6, however there are only 3 ports open (even googled other people's walkthroughs to confirm)

hi

The type of trusts put in place determines how the domains and trees in a forest are able to communicate and send data to and from each other when attacking an Active Directory environment you can sometimes abuse these trusts in order to move laterally throughout the network.

this is in Active Directory Basics

it needs punctuation

Hi, anyone know why this room is private: https://tryhackme.com/room/bpsplunk ?

Hi 👋 that room has been retired because it is old and we have replaced it with more detailed and newer splunk content.

• Splunk101 https://tryhackme.com/room/splunk101
• Splunk2 https://tryhackme.com/room/splunk2gcd5
• Splunk 3 https://tryhackme.com/room/splunk3zs

This is under the "Security Operations & Monitoring" heading in the "Cyber Defence" pathway (:

Yay!

Thank you so much!

Gotta get that Splunk fix 😎

Oh yes indeed : )

Thanks again Ben!

anytime!

Ooooh, so the 101 was already the room to do before. Ok gotcha I can continue so thanks lol

-ban @wheat fractal -ddays 1 Nitro phishing. Secure your account and then appeal this ban by emailing bans@tryhackme.com

🔨 Banned MorganHartman#9069 indefinitely

https://tryhackme.com/room/networkservices : Task 7 - Exploiting Telnet
The remote subject telnet server only allows running one command per session (when connected). After that it freezes completely and requires a VM reboot; making a second session causes it to be frozen as well. For instance I run .HELP, it shows possible commands properly, then no action can be taken (even ctrl+c does not work). Exploiting this server right away after making connection like .RUN <payload> works.

I am doing the tech support room and trying to run a script but it giving me a wrong creds, I got then and decrypted them and can log in on the web but can get in with this script

got it for got the / in the url at the end

https://tryhackme.com/room/startingoutincybersec the splunk room mentioned is a private one now...not sure if thats supposed to be, if so...should it be taken out of the module ?

Hey, good call. I've updated the link to point to https://tryhackme.com/room/splunk101 (: ty for reporting

Gave +1 Rep to @leaden kayak

Not a bother glad to help

Why is robocop unable to give me rep ? :(

it gave you rep (: #room-bugs message

it's based on certain keywords like thank, thanks, ty

Why does it say invalid user ?

Could be caching

we're a big server

but there you are

Cool thx. Does rep do anything ? Is there a way to see how much rep does a user have ?

You should be able to use -rep for your user (:

so just

-rep

rip

do it in #bot-commands

Got it...so you are the cmnatic 👍

indeed (:

perhaps infamous

I'll let you decide 😄

Room: Living of the Land

Error message:
"Connection Error - The remote desktop server has denied access to this connection. If you require access, please ask your system administartor to..."

Can not either connect through embedded attackbox or my own Kali VM.

https://tryhackme.com/room/bpsplunk

this room has been made private

Do I have any way to access it

It has been replaced.
This is not a room bug.

what is the new link

Go to hacktivities and search for splunk

ok thanks

Hi guys,
I am doing the log4j room ,
the ldap server is running correctly (marshalsec), the python http server running correctly and giving the Exploit.java, but the reverse shell with nc , I am not getting , can't understand what is the problem

#room-help please

so it can't be a bug ?

It could be, but you should NOT assume that it is

about this,
we have discussed in #room-help , you can see it, and the Exploit.class is not being executed in the server side, can't understand why

https://tryhackme.com/room/encryptioncrypto101 Task 1 the link is broken

the CC pentesting room

Still having this issue
Room: Living of the Land
"CONNECTION ERROR"

#room-bugs message

Ah ok good to know

https://tryhackme.com/room/windowsinternals task 7

Apparently the flag it displays is incorrect

this issue is also mentioned in the thread for this room with the correct answer

Can you paste your answer here with spoiler?

Or try ||THM{1Nj3c7_4lL_7H3_7h1NG2}||

||THM{1Nj3c7_4LL_7H3_7h1NG2}||

just replacing the "I" with "L"

Yeah, as I suspected.

I think it's a 1.

No, it's a l.

it's l

I think because I don't think you can copy from the box.

you can copy from the box if you fullscreen it and click yes when your browser prompts for clipboard access 🙂

I meant that individual box with the flag.

I had trouble with that, but that was on my Vm.

ah yeah, can't copy out of a command prompt window, yeah, you're right.

Gotta do rdp into the box to copy ig

@hazy tiger

-ban 559932466320900117 -ddays 1 Nitro Scam

🔨 Banned Stewie Griffin#9805 indefinitely

https://tryhackme.com/room/retro
having a problem in this room

there is no option to open the link even after initializing both internet explorer and google chrome.

Intended. Not a bug, still exploitable@north verge

I managed to complete it through kernel exploit, but I think it is a bug in Windows Server 2016, as mentioned in muiri's write-up. But the solution in the write-up doesn't work as well.

It's not a bug though

It's actually intentional from the room creator

owh, so this path is like a rabbit hole?

No

It's exploitable.

It's not a bug, it's just something that makes the exploit more difficult. Fully intended

Really? Urgh

-ban @proper pewter -ddays 1 Nitro Scam

🔨 Banned Vaishnavu C V#8844 indefinitely

Not a bug per se...
But https://tryhackme.com/room/agentsudoctf
I guess I should have remembered the room name. But running linpeas you get one possible CVE to exploit (which works) that's not the intended "room name" way. Due to the room being old and not patched.

But anyway, due to linpeas giving me this, I got a bit confused by the question here. The format the question asks for is CVE-XXXX-XXXX . so 4 x's on both places.
The intended CVE wanted contains 5 x's at the end. Maybe at least update the question text? 😄

https://tryhackme.com/room/powershell
Can someone explain how the answer for Intermediate Scripting is ||11 and not 1||

My scans come up with ||1 open port||

It might be linpeas giving a better exploit because technically it is better because running a script for the better one just puts you in root

The Machine in the network services room in the telnet section isn't stable...it keeps going dead

@dusky junco

@dusky junco

👀

-ban 277913887666339840 -ddays 1 nitro scam

🔨 Banned ZeniKen#5217 indefinitely

ty

https://tryhackme.com/room/networkservices2 - Enumerating NFS - when i mount /home directory there is /cappucino directory but nothing in it

is it just temporary bug?

ok

Hi, It seems he https://tryhackme.com/room/xssgi Task 8 Practical Example (Blind XSS) is broken. I set up the listener and when I open the ticket, I get my cookies, but I never got any staff-session.

Try from the attackbox

thanks, It worked from the AttackBox

Gave +1 Rep to @eternal summit

Hello,

I have a doubt in room Hacking with powershell last task named Intermediate scripting

tcp connection is only succeeding on ||1 port but answer is 11|| in range 130 to 140

do we have to answer on basis of pings?

Hi, not sure where this should go, but OSquery room, task 4, the number of tables available at version 4.7.0(as per screenshot), is not accepted as the correct answer as neww tables have been addedd. Same room task 6, the osquery version deployed is 4.6.0.2, but the task only accepts 4.2.0 as the correct answer

Hello, I was doing THM Wreath Network https://tryhackme.com/room/wreath.
And for some reason,, I get thrown out of the room. All the progress I have made resets automatically.
This is 2nd time I have experienced this in the last 3 days.
Can someone help me with this?

The server chucks everyone out after x amount of days ( I think Wreath is 7 ) you just download a new vpn pack then re-join the room.

This is new information. I will try again after downloading VPN pack. Thank you (:

Gave +1 Rep to @quaint sparrow

When you rejoin, this part here which will tell you how long you have left.

I saw that, and today it was 9 days.

Ah, strange.

Don't know if you'd call it a bug but Encryption - Crypto 101 recommends you to complete CCPentesting prior to the room but it's a private room

#room-bugs message

https://tryhackme.com/room/encryptioncrypto101 the room mentioned in the first task is a private one

Someone literally just said this

Lol sorry

Blue
it ask to use this payload windows/x64/shell/reverse_tcp

but it doesn't work

use the binded payload and it work

Heya, I wouldn't call it a bug but I'm not sure where else to point it out. You guys are probably already aware of it, but just in case: I just did the NMAP introduction room Task 2 question 3. [Research] How many of these are considered "well-known"? (These are the "standard" numbers mentioned in the task). It asks for the number of well known ports but it doesn't accept the "correct" answer I got from google ||1023||, but instead it accepted ||1024||.

It's 0-1023.

So it's 1024.

Ohhh that makes sense xD I did not think of that!

thanks!

-ban 730386604144984125 -ddays 1 nitro scam

🔨 Banned penguencici#6464 indefinitely

The logging tool for That's the Ticket doesn't appear to be working. Idk if this is a new or old problem. The room works fine with ||Burp Collaborator|| but the same code would not work with the logging tool. FYI

If you mean the request catcher on http://10.10.10.100/ then yes, it has been broken for a while now

would've been nice to know that up front

Yeh, there should be a disclaimer on there

@icy elbow

-ban 858405211173683210 -ddays 1 Nitro scam

🔨 Banned saknks#5733 indefinitely

thanks

Gave +1 Rep to @solar drum

@gleaming shadow

sigh

What room is this?

That's the Ticket

Looking at adding something to say that Burp Collaborator can be used instead, thanks 🙂

Gave +1 Rep to @spark crag

Not a bug , but a line is repeated in task 35 of holo

https://i.imgur.com/mvjzTLS.png

How did you get it working with collaborator? The target machines do not have internet access so they cannot hit your collaborator server

@misty cave (It won't work)

It did work tho

I had my Kali VM connected to the THM network and then ran Burp within the VM

It will work to get your own token

Because your browser has internet access

The target machine absolutely cannot send it's token to collaborator.
It cannot even resolve the domain, let alone communicate with it.

i once encountered this too

i was doing an csp lab and used beeceptor which worked for the lab

idk how

Except that it did work. You can try it yourself

Won't on THM unless the box has internet access.

Again, you can try it yourself to get the email

Looks like we've got the DNS and logging tool up instead

I found a bug//incorrect info in a room should I send a feedback via the feedback and ideas or just drop it in here?

Spotted a bug: One of the questions this room asks: 'What is the maximum length of a subdomain?'. The correct response would 253 however, the hint given is only two characters and the accepted answer is 63

it appears that the following question is also wrong:
'What is the maximum length of a domain name?' the hint is three characters and it wants 253 as the correct answer. Which is the correct answer to the first question. I think the answers just got flipped by accident. Not sure if this is on my end or THM

https://tryhackme.com/room/dnsindetail

yes

it is fixed now

cant seem to insert an image but sent you on dms

that is the issue it is saying that the correct answer is 63 not 253

I could be misinterpreting this but the rooms says the length must be kept to 253 character or less

"You can use multiple subdomains split with periods to create longer names, such as jupiter.servers.tryhackme.com. But the length must be kept to 253 characters or less"

This is in reference to the whole domain not just subdomians?

Ok got it, thanks for the clarification

Hi! I'm in the Living off the Land room and can't seem to access the Windows VM from AttackBox with the given credentials.

can someone please help?

https://i.imgur.com/SFqOITl.png Wreath room, 5th task, it asks to open the website, however it's not working

something is wrong with http server

#wreath-network the network might just need a restart

it answers to icmp and I can see a port open

if the website is down and there's nothing about it in the associated video walkthrough, then probably best to go for a reset
you can make a reset vote every hour

yeah...

requires 5 people to reset

false alarm, sorry

@hazy tiger plz am working

-ban -ddays 1 Nitro scam

Ban <User:Mention/ID> <Duration:Duration> <Reason:Text>
Ban <User:Mention/ID> <Reason:Text> <Duration:Duration>
Ban <User:Mention/ID> <Duration:Duration>
Ban <User:Mention/ID> <Reason:Text>
Ban <User:Mention/ID>

[-ddays ddays:Whole number - Number of days of messages to delete]

Invalid arguments provided: No matching combo found

REEEEE

-ban 500725169766268928 -ddays 1 Nitro scam

🔨 Banned Anonymous07P#8746 indefinitely

Thanks Jabba

https://tryhackme.com/room/johntheripper0#

in this room rar2john is not working in attackbox

i think something is messed up in environment path

Currently , we have to go in john folder then use ./rar2john

John directory is not set in $PATH

is the find command room removed? there is a link linux room to it but it shows private

@vital vine Removed that^
Private rooms are private so that people can’t access them

Mods != site staff, that room was replaced with a new room.

Usually we prevent teaching people how to bypass private rooms because it’s used to get into rooms that shouldn’t be accessed yet.

Boarders computer misuse when used incorrectly

Hello I have a possible bug in the Nessus room

I got the answer nevermind just thought it was weird

@eternal summit

-ban @wheat fractal -ddays 1 Nitro phish

🔨 Banned KrazyLazySloth#6150 indefinitely

I can't get the page in the Vulnversity room to load using the attack box. It says Firefox can't establish a connection to the server at 10.10.248.237.

Make sure you are specifying the port

Thank you. it works now

Gave +1 Rep to @eternal summit

Hello I think https://tryhackme.com/room/linuxprivesc the ssh is not working well cause I can't connect to it it said unable to find host key